TTM4205

This is the official course website for TTM4205 Secure Cryptographic Implementations during Fall of 2025.

This course was taught for the first time during the fall semester of 2023. The course material and assignments from earlier semesters can be found here: 2023 and 2024. Furthermore, the grade distribution in this course can be found at karakterer.net/course/TTM4205, and I encourage you to check out the student evaluations from 2023 and 2024.

Course Description

The course covers how to implement, analyse, attack, protect and securely compose cryptographic algorithms in practice.
It goes in depth on how to implement computer arithmetic, attacking implementations using side-channel attacks and fault
injection, exploit padding oracles and low-entropy randomness, utilise techniques to defend against these attacks, and how
to securely design misuse-resistant APIs.

See the full course description at ntnu.edu/studies/courses/TTM4205.

Course Staff

Lecturer:   Tjerand Silde
Contact:    tjerand.silde@ntnu.no
Office:      Electro B225
Webpage:   tjerandsilde.no

Lab/Teaching Assistant: Caroline Sandsbråten
Contact:    caroline.sandsbraten@ntnu.no
Office:      Electro B211
Webpage:   carosa.no

Reference Group

Please reach out to be involved in the reference group.

Ed Forum

We use Ed as a forum in this course, and enrolled students can access the forum at edstem.org/eu/courses/2376.
Note that the first time you log in to Ed you must do so using the link in the sidebar on Blackboard.

Course Materials

The course materials are the lecture slides, references therein, and the assignments.
We do not require that you buy any books, but recommend the following literature:

1. Serious Cryptography by Jean-Philippe Aumasson at akademika.no
2. Real-World Cryptography by David Wong at akademika.no

Additional great resources in applied cryptography are:

• A Graduate Course in Applied Cryptography by Dan Boneh and Victor Shoup at toc.cryptobook.us (freely available)
• Introduction to Modern Cryptography by Jonathan Katz and Yehuda Lindell at akademika.no or NTNU University Library
• The Hardware Hacking Handbook by Jasper van Woudenberg and Colin O’Flynn at akademika.no

Portfolio Assignment

The evaluation in this course will consist of three assignments of 100 points total.

All assignments must be submitted via Ovsys2 at: ovsys.iik.ntnu.no.

Weekly Problems (40 points)

This assignment will contain the following kinds of problems:

• Mathematical problems
• Coding problems
• CryptoHack problems

The assignement is available here: TTM4205 Weekly Problems (published 15/8)

The submission deadline is December 7th at 23:59.

ChipWhisperer Lab (20 points)

This assignment will contain side-channel attack (SCA) lab work using the ChipWhisperer Husky
equipment, which we will provide to all students who signed up for the course. You will get
access to the CRYPTO-LAB in Electro A176 to work on the assignment.

The problem set will be available in September.

The submission deadline is December 7th at 23:59.

Technical Essay (40 points)

This assignment is to write a technical essay about a topic not covered by the
lectures or to cover a topic from the lectures in more depth. It is mandatory for
each group to present their work, but it does not count towards the final grades.

Most important guidelines:

• Groups of 2 or 3 students each
• Essays of roughly 8 to 10 pages
• Essays written in LaTeX
• Short oral presentations

The assignement is available here: TTM4205 Technical Essay (published 15/8)

Deadlines:

• Topic/scope/group approval (mandatory, email): October 31st
• Short oral presentations (mandatory): November 14th or November 17nd
• Draft submission for feedback (voluntary): November 21nd
• Receive feedback on draft (voluntary): December 5th
• Final submission (mandatory): December 19th at 23:59.

Grading

We will use the official NTNU grading scale to assign combined grades.

Lecture Plan

We have the following sessions in lecture room R73 this semester:

• Mondays at 15:15-17:00: Lecture
• Fridays at 12:15-14:00: Lecture OR Lab
• Fridays at 14:15-16:00: Exercises OR Lab

Guest Lectures in November:

1. Tuesday 12/11: TBA
2. Friday 15/11: Markku-Juhani O. Saarinen (Tampere) on “PQCP Support for RISC-V Vector, future Keccak Extensions”

(the schedule might be subject to small changes)

Week	Date	Format	Responsible	Topic	Resources
34	18/8	Lecture	Tjerand	Course Introduction	Slides
34	22/8	Lecture	Tjerand	Randomness 1: Entropy
34	22/8	Exercises	Caroline	Exercise Class
35	25/8	Lecture	Caroline	Randomness 2: Breaking ECDSA
35	29/8	Lecture	Tjerand	Randomness 3: Randomization
35	29/8	Exercises	Caroline	Exercise Class
36	1/9	Lecture	Tjerand	Legacy Crypto 1: Crypto Wars
36	5/9	Lecture	Tjerand	Legacy Crypto 2: Attacks on TLS
36	5/9	Exercises	Caroline	Exercise Class
37	8/9	Lecture	Tjerand	Padding Oracles 1: CBC and SHA
37	12/9	Lecture	Tjerand	Padding Oracles 2: RSA Encryption
37	12/9	Exercises	Caroline	Excercise Class
38	15/9	Lecture	Tjerand	Quantum-Safe Encryption
38	19/9	Lecture	Tjerand	Quantum-Safe Signatures
38	19/9	Lab	Caroline	Exercise Class
39	22/9	Lecture	Tjerand	Side-Channel Attack (SCA): Intro
39	26/9	Lab	Caroline	SCA Setup Tutorial
39	26/9	Lab	Caroline	SCA Lab 1 (2h)
40	29/9	Lecture	Tjerand	SCA on Symmetric Key Crypto
40	3/10	Lab	Caroline	SCA Lab 2 (4h)
41	6/10	Lecture	Caroline	SCA on Public Key Crypto
41	10/10	Lab	Caroline	SCA Lab 3 (4h)
41	13/10	Lecture	Tjerand	SCA on Quantum-Safe Crypto
42	17/10	Lab	Caroline	SCA Lab 4 (4h)
43	20/10	Lecture	Tjerand	Crypto API Failures
43	24/10	Lecture	Tjerand	Commitments and Zero-Knowledge
43	24/10	Exercises	Caroline	Exercise Class
44	27/10	Lecture	Tjerand	Protocol Composition 1: RSA
44	31/11	No Class
45	3/11	Lecture	Tjerand	Protocol Composition 2: DLOG
45	7/11	Lecture	Tjerand	Course Summary
45	7/11	Exercises	Caroline	Exercise Class
46	10/11	Guest Lecture	Tjerand	Guest Lecture 1
46	14/11	Presentations	Tjerand	Project Presentations
47	17/11	Presentations	Tjerand	Project Presentations
47	21/11	Guest Lecture	Tjerand	Guest Lecture 2: Markku
47	21/11	Exercises	Caroline	Exercise Class